Security News

European Parliament's data adequacy objection: Doubts cast on UK's commitment to privacy protection
2021-06-03 08:30

Almost two weeks ago, the European Parliament took the step of objecting to the European Commission's decision to grant the UK data adequacy. The European Parliament's resolution will not block adequacy, but it nevertheless sends a significant political signal, particularly in the wake of two major court cases last week, which have found the UK's exemption of immigration from data protection laws to be unlawful and that UK mass surveillance laws violated privacy rights.

UK Special Forces soldiers' personal data was floating around WhatsApp in a leaked Army spreadsheet
2021-06-02 14:28

An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet. The document, seen by The Register, contained details of all 1,182 British soldiers recently promoted from corporal to sergeant - including those in sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment.

Ignition partners with Siemplify to bring SOAR technology to MSSPs across the UK
2021-05-30 00:00

Ignition Technology announced a partnership with Siemplify as its exclusive distributor to bring the leading independent provider of security orchestration, automation and response technology to a growing MSSP community across the UK. Siemplify is redefining security operations for MSSPs worldwide through its innovative platform that helps security teams manage their operations and respond to cyber threats with speed and precision. The Siemplify SOAR platform combines security orchestration, automation, and response with end-to-end security operations management to make analysts and security engineers more productive.

Snowden was right, rules human rights court as it declares UK spy laws broke ECHR
2021-05-25 17:08

Surveillance laws permitting GCHQ to operate its Tempora dragnet mass surveillance system broke the law, the European Court of Human Rights has ruled. "The Court considers that, when viewed as a whole, the section 8(4) regime, despite its safeguards... did not contain sufficient 'end-to-end' safeguards to provide adequate and effective guarantees against arbitrariness and the risk of abuse," ruled the European Court of Human Rights's Grand Chamber.

UK's Competition and Mergers Authority shows some teeth over McAfee antivirus auto-renewals
2021-05-25 15:46

The UK's Competition and Markets Authority has reached agreement with antivirus vendor McAfee that means some customers whose software subscription was automatically renewed will be able to get a refund. It's quite the slap on the wrist for McAfee, whose software tends to be bundled with a large number of devices sold in the UK. Customers who signed up with the company may not have understood the ins and outs of auto-renewal, hence the CMA action.

UK Computer Misuse Act convictions declined last year despite pandemic explosion in online criminal activity
2021-05-21 15:32

Prosecutions under the UK's Computer Misuse Act dropped by a fifth in 2020 even as conviction rates soared to 95 per cent during the year of the pandemic, new statistics have revealed. This week's conviction statistics also showed that the most common CMA crime taken to court was the offence of "Unauthorised access to computer material", accounting for 33 of the year's total of 45 prosecutions under the Act.

UK-Based API Security Firm 42Crunch Raises $17 Million
2021-05-21 12:05

API security firm 42Crunch has raised $17 million in a Series A funding round led by Energy Impact Partners and joined by Adara Ventures. In 2019, Gartner stated, "By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications." Its proposed solution was, "Use a Combination of API Management and Web Application Firewalls to Protect APIs, in Conjunction with Identity Infrastructure."

UK data regulator fines American Express up to 0.021p per email after opted-out folk spammed 4.1 million times
2021-05-20 13:45

American Express has been fined 0.009 per cent of its annual profits by the Information Commissioner's Office after spamming people who opted out of its marketing emails with 4.1 million unwanted messages. "Between 1 June 2018 and 21 May 2019, 4,098,841 of those emails were marketing emails, designed to encourage customers to make purchases on their cards which would benefit Amex financially. It was a deliberate action for financial gain by the organisation. Amex also did not review its marketing model following customer complaints," said the ICO in a statement.

Sourcepoint appoints four senior leaders in the UK and US
2021-05-18 22:45

These recent advancements are enabling Sourcepoint to better serve its new and existing customers across Europe, the UK and North America. Rubash, Chief Privacy Counsel, has more than 15 years of legal and privacy experience, which will be integral to this foundationally important position at Sourcepoint.

The UK loves cybersecurity so much, it's going to regulate managed service providers' infosec practices in law
2021-05-18 15:03

The British government has vowed to create a legally binding cybersecurity framework for managed service providers - and if you want to tell gov. Targeted at managed service providers and firms outsourcing their digital infrastructure services alike, the review is described by the government as helping build evidence for "Additional government intervention" to force businesses into formally assessing cyber risks to their supply chains.